Kaseya
Checks various registry entries for indicators of a Crypto infection. Also, generates a “honeypot” document, If the document becomes encrypted the script will alarm as well.. Able to report with $CryptoAudit$, $CryptoYES$. Acknowledgments: Many thanks to MarcR, MattK from Kaseya Community for inspiration as posted on http://community.kaseya.com/resources/m/knowexch/86518.aspx#pi5230=2 This script is provided “AS-IS”. Please make sure…
Read MoreA folder of 4 scripts to help secure against a SSL vulnerability known as POODLE. “POODLE Fix” script simply adds the necessary registry entries to block SSLv3. It will report to the agent procedure log if the entries were added successfully. There are 2 keys, one for Server and one for Client that are added.…
Read MoreDetermines system drive then runs defrag with the -a argument. Results are then compared, script writes to script log with results. Able to report by filtering script logs for $Audit$(all audit scripts) $Defrag$(returns all results for defrag audit script) $OOD$(show only machines that need defrag)
Read MoreCopy the Remote Wake and VBS program to the C drive. Then Execute the program in the command prompt telling it to use all MAC Address in the Lanwatch list. NOTE: Lanwatch must be scheduled to run this script succesful!
Read MoreThis script determines if UAC is enabled. It then writes results to script log. Able to report by filtering agent procedure logs for keywords $UAC$=all entries. $UACEnabled$=returns all results with UAC enabled. $UACDisabled$=returns all results with UAC disabled. $Audit$= returns all results regarding all audit scripts.
Read MoreThis disables UAC on a Vista PC and runs Reboot – YES script which will ask the user to reboot and reboot after 5 min if they don’t reply. It also sets Registry entry to stop Security Center from complaining that UAC was turned off.
Read MoreThis script disables UAC on Vista & Windows 7 PCs. It also sets Registry entry to stop Security Center from complaining that UAC is turned off. A reboot is required before settings will take effect.
Read MoreClears run command cache by deleting registry key.
Read MoreScript downloads txt files with registry key, & uninstall argument. Script then checks if Defraggler installed, if installed it will uninstall using the uninstall string and argument. Script then writes success or failure to script log. Able to report by filtering Agent Procedure logs for $Defraggler$= All entries regarding Defraggler. $Audit$=All entries regarding audit scripts.
Read MoreScript downloads Intels iAMT scan tool from Intel’s site. If machine is vPro enabled tool will create several registry keys, script will gather status and version if enabled and write values to script log. Able to report by filter script logs for $iAMT$ $Audit$
Read More